In our Meteor app, we currently use the accounts-base package which allows us to register and login user stored in the MongoDB. Also we can use the Accounts API throughout the application which is quiet handy.
So now, our backend team is creating an Identity Service for logging into multiple of our products. They have chosen Auth0 as there provider for registering the users.
So now when I submit my login form in my app, instead of of using Meteor.loginWithPassword
I need to call the oath/ro
endpoint of the app I registered in Auth0.
POST https://tet.au.auth0.com/oauth/ro
Content-Type: 'application/json'
{
"client_id": "fdsfdsse4324242dsffs", // testapp
"username": "",
"password": "",
"id_token": "",
"connection": "",
"grant_type": "",
"scope": "",
"device": ""
}
Docs: https://auth0.com/docs/auth-api#!#get--authorize_db
Using the sandbox of oauth, I can login. But I have no idea how to merge this into Meteor.
I have found the auth0-lock package in Meteor’s Atmosphere, but this seems to force you to use their login form. That is not our requirement.
I have been reading on this blog https://themeteorchef.com/recipes/roll-your-own-authentication/#tmc-setting-up-oauth-services about oAuth and setting up your own.
However, this confuses me even more because this is using oAuth like Google or github.
What I want is have control over the login and register form, and login or create a user in auth0.
I expect some kind of Meteor.loginWithPassword where I can point to a service that will call the https://test.au.auth0.com/oauth/ro
call with username and password and on success store the token and set user in Meteor to logged in.
How do I do this, I have been googling for hours now and almost all examples are oauth and not using this identity provider.
Help!